aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorrub <rub@piwigo.org>2006-03-10 20:17:18 +0000
committerrub <rub@piwigo.org>2006-03-10 20:17:18 +0000
commitade00c95c26eefbd60b5f9f3efc2f848a196cf3e (patch)
treede3b40b18b498c8bca5c17de16ca2babd5f6fb21 /include
parent6163dccab341ae2d3ec7885224f512b99ca48b02 (diff)
Step 4 improvement issue 0000301:
o Correction lock categories and is_admin (functions with parameters now) o Cannot use check_status with upgrade.php and upgrade_feed.php => New function check_upgrade use in upgrade*.php (new functionality for upgrade_feed.php) o upgrade_feed.php is showed only for administrator user git-svn-id: http://piwigo.org/svn/trunk@1075 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/common.inc.php52
-rw-r--r--include/functions_user.inc.php64
2 files changed, 60 insertions, 56 deletions
diff --git a/include/common.inc.php b/include/common.inc.php
index e2204cc8e..19af297e6 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -2,7 +2,7 @@
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
@@ -132,31 +132,6 @@ or die ( "Could not connect to database server" );
mysql_select_db( $cfgBase )
or die ( "Could not connect to database" );
-if ($conf['check_upgrade_feed'])
-{
- // retrieve already applied upgrades
- $query = '
-SELECT id
- FROM '.UPGRADE_TABLE.'
-;';
- $applied = array_from_query($query, 'id');
-
- // retrieve existing upgrades
- $existing = get_available_upgrade_ids();
-
- // which upgrades need to be applied?
- if (count(array_diff($existing, $applied)) > 0)
- {
- ob_start();// buffer output so that cookies work
- echo
- '<p>'
- .'Some database upgrades are missing, '
- .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>'
- .'</p>'
- ;
- }
-}
-
//
// Setup gallery wide options, if this fails then we output a CRITICAL_ERROR
// since basic gallery information is not available
@@ -190,6 +165,31 @@ while ( $row =mysql_fetch_array( $result ) )
include(PHPWG_ROOT_PATH.'include/user.inc.php');
+if (is_admin() and $conf['check_upgrade_feed'])
+{
+ // retrieve already applied upgrades
+ $query = '
+SELECT id
+ FROM '.UPGRADE_TABLE.'
+;';
+ $applied = array_from_query($query, 'id');
+
+ // retrieve existing upgrades
+ $existing = get_available_upgrade_ids();
+
+ // which upgrades need to be applied?
+ if (count(array_diff($existing, $applied)) > 0)
+ {
+ ob_start();// buffer output so that cookies work
+ echo
+ '<p>'
+ .'Some database upgrades are missing, '
+ .'<a href="'.PHPWG_ROOT_PATH.'upgrade_feed.php">upgrade now</a>'
+ .'</p>'
+ ;
+ }
+}
+
// language files
include_once(get_language_filepath('common.lang.php'));
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index aa60ab64c..9e4a83b94 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -2,7 +2,7 @@
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
-// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
+// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
@@ -277,6 +277,8 @@ DELETE FROM '.FAVORITES_TABLE.'
*/
function calculate_permissions($user_id, $user_status)
{
+ global $user;
+
$private_array = array();
$authorized_array = array();
@@ -292,7 +294,7 @@ SELECT id
}
// if user is not an admin, locked categories can be considered as private$
- if (!is_admin())
+ if (!is_admin($user_status))
{
$query = '
SELECT id
@@ -541,36 +543,38 @@ function log_user($user_id, $remember_me)
* Test does with user status
* @return bool
*/
-function is_autorize_status($access_type)
+function is_autorize_status($access_type, $user_status = '')
{
global $user;
+ if (($user_status == '') and isset($user['status']))
+ {
+ $user_status = $user['status'];
+ }
+
$access_type_status = ACCESS_NONE;
- if (isset($user['status']))
+ switch ($user_status)
{
- switch ($user['status'])
+ case 'guest':
+ case 'generic':
{
- case 'guest':
- case 'generic':
- {
- $access_type_status = ACCESS_GUEST;
- break;
- }
- case 'normal':
- {
- $access_type_status = ACCESS_CLASSIC;
- break;
- }
- case 'admin':
- {
- $access_type_status = ACCESS_ADMINISTRATOR;
- break;
- }
- case 'webmaster':
- {
- $access_type_status = ACCESS_WEBMASTER;
- break;
- }
+ $access_type_status = ACCESS_GUEST;
+ break;
+ }
+ case 'normal':
+ {
+ $access_type_status = ACCESS_CLASSIC;
+ break;
+ }
+ case 'admin':
+ {
+ $access_type_status = ACCESS_ADMINISTRATOR;
+ break;
+ }
+ case 'webmaster':
+ {
+ $access_type_status = ACCESS_WEBMASTER;
+ break;
}
}
@@ -583,11 +587,11 @@ function is_autorize_status($access_type)
* Test does with user status
* @return none
*/
-function check_status($access_type)
+function check_status($access_type, $user_status = '')
{
global $lang;
- if (!is_autorize_status($access_type))
+ if (!is_autorize_status($access_type, $user_status))
{
echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">'.$lang['identification'].'</a></div>';
@@ -599,9 +603,9 @@ function check_status($access_type)
* Return if current user is an administrator
* @return bool
*/
-function is_admin()
+function is_admin($user_status = '')
{
- return is_autorize_status(ACCESS_ADMINISTRATOR);
+ return is_autorize_status(ACCESS_ADMINISTRATOR, $user_status);
}
?> \ No newline at end of file